How Engineering Progress Precipitates Crime

We all know there are unintended consequences that come with technological progress. Both unanticipated and undesired, some are so significant that they have a major impact on our society.

I was just in the D.C. area visiting a secured facility to learn more about one of the most troubling consequences of modern technology: the widespread use of computers, cellphones, and commercial electronics to perpetuate crimes. The range of these crimes is breathtaking, from the expected white-collar crimes of fraud, industrial espionage, and intellectual property theft, to terrorism, extortion, exploitation of children, and homicide.

With the widespread deployment of every imaginable form of technology throughout business, national infrastructures, and social networking, there has been an explosion of crime by individuals, groups, and nation states. What is particularly concerning is it appears many of these criminals might not perpetuate these crimes if it were not for the apparent ease, anonymity, and emotional distance that comes from the online world.

The old bumper sticker "guns don't kill people, people kill people," while dubious in traditional crimes, may actually have some relevance to the online criminal community. In this new world, would-be bank robbers don't need to risk approaching a bank teller with a gun and a note. With a little expertise these individuals can use the same beneficial technology they use to write memos for work, send photos to grandparents, and reserve hotel rooms for family vacations, to quietly access someone's account and transfer the funds to undetected foreign accounts. Within some amoral circles, this is nothing more than a victimless crime with insurance picking up the tab.

The FBI takes these technologically enabled crimes seriously, having created a national network of Regional Computer Forensics Labs. At these labs, the normal forensic science of fingerprints, blood splatter patterns, and DNA give way to IP addresses, destroyed hard drives, and encrypted passwords. The booming field of digital forensics employs computer and electrical engineers and computer scientists just as the traditional crime labs employ biologists and chemists.

One of main challenges the FBI faces is the drive to innovate by commercial enterprises. This competitive necessity produces such rapid changes in the technological infrastructure that would-be criminals can exploit countless vulnerabilities before they are even known to the manufacturer or designer.

These cases don't always make it into the public sphere (due to obvious copycat fears), but one crime, which appears on the official FBI Website, shows just how sophisticated this underworld has become. It all starts with three young Eastern Europeans and an unnamed criminal who goes by the name "Hacker 3." As the FBI Website reports, "working together, the four hackers cooked up perhaps the most sophisticated and organized computer fraud attack ever conducted."

It began when a 28-year-old man from Moldova discovered a weakness in the computer network of a major credit card processing company. He passed that information to a hacker living in Estonia, who monitored the network before sharing this information with a Russian hacker.

"The Russian reverse engineered the PIN codes from the encrypted system, and raised the limits on the amount of money that could be withdrawn from the prepaid payroll debit cards," according to the FBI. A global network of hacker thieves then used counterfeit cards to nearly simultaneously hit more than 2,100 money machines in more than 280 cities on three continents for $9 million. Months of difficult digital forensics work by law enforcement and engineers ultimately led to the criminals.

So we learn again that engineers, particularly those whose work is propelling our digital economy, now have one more thing to worry about: our unintended role in crime.

Geoffrey, this is an excellent post, and I think the first two commenters may be a little too defensive about the tech industry. The point is simply that criminals can work in much more sophisticated ways today than they could during the salad days of Whitey Bulger and Jesse James. I think a key takeaway from your post is the observation that tech innovation may be stymied by the inability of law enforcement officials (and internal Web security personnel) to outthink how a global band of interconnected hackers may be able to exploit new developments.

As an individual who benefits from, and makes, extensive use of new technology--but is not “part of” the tech industry--let me make an observation about one aspect of this issue. I think commercial enterprises need to be much less sanguine when they make comments that data such as credit card numbers are “completely safe” when posted on a Web site. An infamous incident comes to mind with the Boston Globe, which actually printed thousands of customers’ credit card numbers on paper that was used to wrap and distributed bundles of Globes. Here was an act of total incompetence that probably didn’t even involve computer hackers! Other, more sophisticated examples are rife. Even data internally protected with RSA security devices proved to be vulnerable to external digital attack.

I think Geoffrey’s message needs to be taken seriously. Expect the unexpected.

In order to show that technological progress causes crime, you would need to show an increase in the overall crime rate that can't be attributed to any other factoe. Is that what the data show? Obviously, as technologies are more widely used in society as a whole, they will be more widely used in crime as well. But this is different from saying that technology actually causes crime. Without seeing the data, I am very skeptical of this claim.

A provocative thesis, but I'd flip it around and say what you've written about says more about engineers' (and law enforcements') increasing awareness of the collateral vulnerabilities of networks, etc., Importantly, organizations like the FBI are doing something to address cybercrime. So I'd say ultimately we have an optimisitic outlook here, tempered only by the sad fact that it's really, really hard to keep up with (catch, stay ahead of) these organized cybercriminal gangs.

If a major catastrophe strikes your area, will you be prepared? Do you know how to modify the tech you've already got or MacGyver what you need to fit your own situation? A free, five-day Continuing Education Center course starting April 6 will show you how.

Focus on Fundamentals consists of 45-minute on-line classes that cover a host of technologies. You learn without leaving the comfort of your desk. All classes are taught by subject-matter experts and all are archived. So if you can't attend live, attend at your convenience.